<?php
/**
 * Created by JetBrains PhpStorm.
 * File: PublicAction.class.php
 * User: Xnfy520@gmail.com
 * Date: 12-3-9
 * Time: 下午9:45
 */

	class PublicAction extends Action{


		function verify(){
			import('ORG.Util.Image');
			Image::buildImageVerify(6, 1, 'png', 60);
		}

		function login(){
			$this->display();
		}

		public function checkLogin(){

			C('TMPL_ACTION_ERROR', THEME_PATH.'/Public/dispatch_jump.tpl');


			//	 dump($_POST);
			$user = M('User');
			$userinfo = $user->getByUsername($_POST['username']);
			$roleuser = M('RoleUser');
			$roleid = $roleuser->where('user_id='.$userinfo['id'])->find();
			if($roleid['role_id']!=1){
				$this->error('非管理员不能登录后台');
			}

			if(empty($_POST['username'])) {
				$this->error('帐号必填！');
			}elseif (empty($_POST['password'])){
				$this->error('密码必填！');
			}elseif (empty($_POST['verify'])){
				$this->error('验证码必填！');
			}

			//生成认证条件
			$map            =   array();
			// 支持使用绑定帐号登录
			$map['username']	= $_POST['username'];
			//	 $map["status"]	=	array('gt',0);
			 if($_SESSION['verify'] != md5($_POST['verify'])) {
				 $this->error('验证码错误！');
			 }

			import ( 'ORG.Util.RBAC' );
			$authInfo = RBAC::authenticate($map);
			//使用用户名、密码和状态的方式进行认证
			if(false === $authInfo) {
				$this->assign('waitSecond',9999);
				$this->error('帐号不存在或已禁用！');
			}else {
				if($authInfo['password'] != md5($_POST['password'])) {
					$this->error('密码错误！');
				}
				$_SESSION[C('USER_AUTH_KEY')]	=	$authInfo['id'];
				$_SESSION['username'] = $authInfo['username'];
				//			 $_SESSION['email']	=	$authInfo['email'];
				//			 $_SESSION['loginUserName']		=	$authInfo['nickname'];
				//			 $_SESSION['lastLoginTime']		=	$authInfo['last_login_time'];
				//			 $_SESSION['login_count']	=	$authInfo['login_count'];
				if($authInfo['username']=='admin') {
					$_SESSION['administrator']		=	true;
				}
				//保存登录信息
				//			 $User	=	M('User');
				//			 $ip		=	get_client_ip();
				//			 $time	=	time();
				//			 $data = array();
				//			 $data['id']	=	$authInfo['id'];
				//			 $data['last_login_time']	=	$time;
				//			 $data['login_count']	=	array('exp','login_count+1');
				//			 $data['last_login_ip']	=	$ip;
				//			 $User->save($data);

				// 缓存访问权限
				RBAC::saveAccessList();
				$this->success('登录成功！','__APP__/Index');
			}
		}

		public function loginout(){
			if(isset($_SESSION[C('USER_AUTH_KEY')])) {
				unset($_SESSION[C('USER_AUTH_KEY')]);
				unset($_SESSION);
				session_destroy();
				$this->success('登出成功！', __ROOT__.'/index.php');
			}else {
				$this->error('已经登出！');
			}

		}

		}